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10 material that is subject to copyright protection. The copyright owner has no 

objection to the facsimile reproduction by anyone of the patent document or the 
patent disclosure, as it appears in the Patent and Trademark Office patent files or 
records, but otherwise reserves all copyrights whatsoever. 

BACKGROUND OF THE INVENTION 

15 1 . Field of the Invention 

This invention relates generally to the field of self-service financial 
transaction terminals, such as automatic teller machines (ATMs), and more 
particularly to a method and system for remote operator interface with a self-service 
financial terminal, such as an ATM. 



ATMs include computer applications or software running on computer 
hardware within the ATM which, for example, interfaces with a host computer and 
other remote computers connected to the ATM over a network. On ATM systems 
25 that a financial institution, such as a bank, develops and that are used in branches or 
other locations, there are a set of functions that are used by supervisors and operators 
in the branch. These operator and supervisor functions are outside of the customer 
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applications and need to be performed on a routine basis to maintain the service to 
administer those ATMs. 

Currently, a way that the financial institution addresses that problem is to 
have a text based terminal that is connected over a serial line to the ATM platform 
5 developed by the financial institution. However, for a global ATM system, as the 
financial institution moves into a more off-the-shelf type of environment, for 
example, where hardware is purchased from different ATM vendors, that solution 
does not work for all vendor platforms. Further, the text based terminals are not a 
viable solution, because the technology is out of date and the cost of those terminals 
10 is also relatively high. Therefore, there is a need for an alternative to support the use 
of the operator functions for maintaining and servicing the ATMs, which is also a 
platform independent solution. 



SUMMARY OF THE INVENTION 

15 It is a feature and advantage of the present invention to provide a method and 

system for remote operator access with a self-service financial terminal, such as an 
ATM, that enables a user to access the ATM over a standard browser from a personal 
computer (PC). 

It is another feature and advantage of the present invention to provide a 
20 method and system for remote operator access with a self-service financial terminal 
that eliminates the need for a customized, highly technology dependent, specific type 
of device, such as a text based terminal. 

It is an additional feature and advantage of the present invention to provide a 
method and system for remote operator access with a self-service financial terminal 
25 utilizing a client-server architecture. 

It is a fiirther feature and advantage of the present invention to provide a 
method and system for remote operator interface with a self-service financial 
terminal which supports a plurality of supervisor type functions. 

It is still another feature and advantage of the present invention to provide a 
30 method and system for remote operator interface for a self-service financial terminal 
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that leverages Internet technology and makes the remote operator interface 
application very flexible and very easy to use. 

It is still an additional feature and advantage of the present invention to 
provide a method and system for remote operator interface for a self-service financial 
5 terminal that allows the user to administer a plurality of ATMs. 

To achieve the stated and other features, advantages and objects, the method 
and system for an embodiment of the present invention makes use of a set of web 
based applications for the operator functions to enable the operator to access the 
operator functions over a standard browser from a PC. An embodiment of the 

10 present invention makes use of a system component referred to as a remote operator 
interface PC. Each ATM with which the remote operator interface is used has a set 
of web based applications installed on it that supports the operator functions. 

In an embodiment of the present invention, an operator accesses the ATM 
from the client PC by bringing up the browser and typing in, for example, a uniform 

15 resource locator (URL) to point to the specific ATM. The remote operator interface 
supports a plurality of functions including, for example, supervisory functions, and 
enables the user to administer a plurality of ATMs, for which it is configured, to 
allow the particular functions to be performed. Communication via the remote 
operator interface is secure over a private network or virtual private network (VPN) 

20 over the Internet. An operator must be authenticated to gain access, and the 
operator's entitlements may limit access. 

In an embodiment of the present invention, the remote operator is allowed to 
access a self-service financial terminal, such as the ATM, via the browser application 
of a computing device, such as a personal computer, personal digital assistant (PDA), 

25 web-enabled wired or wireless telephone device, as well as a consumer device, such 
as a Web-TV, or a text-based terminal, such as a VT-100, coupled to the ATM over a 
network. The ATM is provided with one or more web server applications having a 
URL address. The remote operator accesses the ATM by entering the URL address 
for a web server application of the ATM, and the ATM and personal computer 

30 mutually authenticate one another. After mutual authentication, the remote operator 
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interface is started, and a logon screen is displayed for the operator at the personal 
computer. 

In response to a prompt, the remote operator enters a user identification on 
the logon screen, such as a user ID and/or a password, which corresponds to a 
particular user entitlement. In addition, when the remote operator session is started, 
the operator is prompted for selection of a preferred language for the session. The 
user identification is verified, and if the entered user identification is valid, a main 
menu of ATM operator functions is displayed for the remote operator, which 
corresponds to the particular user entitlement associated with the user identification. 

Depending on the user entitlement for the remote operator, the ATM operator 
functions displayed on the main menu includes one or more' functions selected from a 
group of operator functions consisting of a reboot function, a stop function, stop 
immediately function, a start function, a configure function, a view configuration 
fimction, a view software release information function, a view status function, a view 
integrated network controller and host connection status function, a start peruse 
function, a view event logs function, a view event logs in real-time function, a write 
event logs to file function, a start back administration function, a start command shell 
function, and an initialize personal identification number encryption keys function. 

From the main menu displayed for the remote operator, the operator enters a 
selection of at least one of the ATM operator functions according to the 
predetermined user entitlement corresponding to the user identification. The remote 
operator is then allowed to access an application for the selected ATM terminal 
operator function. The selected application that is brought up likewise corresponds 
to the predetermined user entitlement associated with the user identification entered 
by the remote operator. 

Likewise, the application that the remote operator is allowed to access 
includes one or more functions selected from a group of operator functions 
consisting of a reboot function, a stop function, stop immediately function, a start 
function, a configure function, a view configuration function, a view software release 
information function, a view status function, a view integrated network controller 
and host connection status function, a start peruse function, a view event logs 
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function, a view event logs in real-time function, a write event logs to file function, a 
start back administration function, a start command shell function, and an initialize 
personal identification number encryption keys function. 

The remote operator is allowed to perform one or more tasks associated with 
the accessed function, and the remote operator can end the session by selecting an 
exit button displayed on the main menu. A feature of the remote operator interface 
for an embodiment of the present invention restricts operator interface with the ATM 
to a single operator interface at any one time. Thus, the remote operator interface 
cannot be used while another operator interface session of any type is in process, and 
another operator interface session of any type cannot be performed while the remote 
operator interface is in process. 

Additional objects, advantages, and novel features of the invention will be set 
forth in part in the description which follows, and in part will become more apparent 
to those skilled in the art upon examination of the following, or may be learned by 
practice of the invention. 



Fig. 1 illustrates an example overview of key components and the flow of 
information between the key components of the remote operator interface for an 
embodiment of the present invention; 

Fig. 2 is a flow chart which illustrates an example of the process of using the 
remote interface for an embodiment of the present invention, including starting and 
ending remote operator interface sessions; 

Fig. 3 is a table which shows examples of the operator functions supported 
through remote operator interface for an embodiment of the present invention; 

Fig. 4 is a table which shows examples of operator functions that are 
accessible through the remote operator interface for an embodiment of the present 
invention and also indicates examples of functions available locally at the ATM via a 

o 

local operator interface or at the integrated network controller (INC); 
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Fig 5 is a flow chart which illustrates an example of the use of entitlements 
for an embodiment of the present invention; and 

Fig. 6 is a table which illustrates examples of the default language and 
additional languages available for language selection for an embodiment of the 
5 present invention. 



Referring now in detail to an embodiment of the present invention, an 
example of which is illustrated in the accompanying drawings, Fig. 1 illustrates an 

10 example overview of key components and the flow of information between the key 
components of the remote operator interface for an embodiment of the present 
invention. Referring to Fig. 1, the remote operator interface for an embodiment of 
the present invention makes use, for example, of a personal computer (PC) 10 having 
a web browser 12 and coupled over a network 14 to one or more automatic teller 

1 5 machines (ATMs) 1 6 . 

On a typical NT ATM system, supervisors and branch staff rely on a suite of 
'operator functions' to service and administer the machines. Operators access the 
operator functions on a text terminal, which is connected to an NT ATM system 
through a serial line. For a global ATM product, the need for the operator functions 

20 still exists. However, using the operator functions on a text terminal is no longer a 
viable solution. The remote operator interface for an embodiment of the present 
invention provides a solution for using operator functions on global ATM systems by 
resolving a number of issues. 



25 for which it is increasingly difficult to purchase new units and is expensive to 
maintain. In addition, serial port connection may not be available on all ATM 
platforms, and in order to have a vendor independent global ATM product, the 
solution cannot depend on availability of a serial port connection. Further, although 
operator functions can be used at the front screen of the ATM, that is often not the 

30 preferred arrangement. For example, it is inconvenient to use the back 
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Such issues include, for example, that the text terminal is an outdated product 
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administration function at the front screen, and performing operator ftinctions at the 
front screen can tie up an ATM which customers may be waiting to use. 

The solution offered by the remote operator interface for an embodiment of 
the present invention makes the operator fiinctions accessible from the remote 
5 operator interface client PC 10 over a TCI/IP network 14. Stated simply, the remote 
operator interface for an embodiment of the present invention makes use of PC and 
network technology to replace the legacy text terminal and serial line connection. 
Moreover, the operator functions for global ATMs are a set of Web based 
applications that are accessible from the remote operator interface client PC 10 

10 through the use of the Web browser 12. 

The method and system for an embodiment of the present invention makes 
use of a set of web based applications for the operator functions, such that an 
operator 1 8 is able to simply access those operator or supervisor functions over a 
standard browser 12 from the (PC) 10, which is referred to as a remote operator 

1 5 interface client PC. An embodiment of the present invention totally eliminates the 
need for any kind of customized, highly technology dependent, specific type of 
device, such as a text based terminal. 

As PCs have become so widely used and Internet web based technology has 
become such a standard, the remote operator interface for an embodiment of the 

20 present invention that is based on web technology provides an ideal solution. An 

embodiment of the present invention utilizes the system component referred to as the 
remote operator interface client PC 10 for each ATM 16. Each ATM 16 with which 
the remote operator interface is used is provided with a set of web based applications 
installed on it that supports the operator functions. Thus, in terms of the 

25 configuration, an embodiment of the present invention makes use of a client-server 
based architecture. 

In an embodiment of the present invention, the client is the PC 10 from which 
an operator accesses the ATM 16 by bringing up the browser 12 and typing in a 
uniform resource locator (URL) to point to a specific one of the ATMs 16. On the 
30 server side, the ATM 16 has a web server which runs, for this example, the Microsoft 
Internet Information Server (IS). The access from the PC 10 simply goes through 
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this standard web application, and the operator 18 is able to bring up this application 
and then log into the particular one of the ATMs 1 6 on which the operator 1 8 wants 
to perform certain types of functions. The operator 18 then initiates those functions. 
Aspects of an embodiment of the present invention address, for example, the 
5 system requirements for remote operator interface, the procedure to use remote 
operator interface, and the operator functions supported through remote operator 
interface. The system requirements include, for example, hardware, software, and 
network connectivity. An embodiment of the present invention utilizes at least one 
remote operator interface client PC 10 for the remote operator interface on global 

10 ATM systems. Examples of suitable minimum hardware requirements for PC 10 
include an Intel Pentium class central processing unit (CPU), 64 MB RAM, support 
screen resolution of 800x600x256 colors, and an ethemet card. 

In addition, in order to print transaction log information from peruse, the PC 
10 should also have, for example, a Windows NT compatible printer connected to it. 

15 There are no additional hardware requirements for the global ATM systems on which 
the remote operator interface is used to service and administer the ATMs 16. The 
remote operator interface for an embodiment of the present invention functions the 
same way regardless of whether the ATMs 16 are from different vendors, are front- 
loading or rear-loading type, or are installed in through-the-wall configuration or in a 

20 branch lobby. 

Software requirements for an embodiment of the present invention include 
vendor software, such as Microsoft Windows NT 4.0, Microsoft Internet Explorer 
4.01 or above, and IRE SafeNet/Soft-PK (for secure end-to-end communication) 
installed on the remote operator interface client PC 10. Note that the requirement for 

25 the Internet Explorer applies to a particular release for the remote operator interface, 
and other releases of the remote operator interface can support any suitable browser, 
such as Microsoft and Netscape browsers. The operator functions accessed through 
the remote operator interface are integrated into the global ATM product. Therefore, 
all software required for the remote operator interface on the global ATM system, 

30 such as the IRE SafeNet/Soft-PK, are installed on the ATM 10 during global ATM 
installation. 
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Fig. 2 is a flow chart which illustrates an example of the process of using the 
remote interface for an embodiment of the present invention, including starting and 
ending remote operator interface sessions. The client PC 10 can be used to start a 
remote operator interface session on any global ATM machine 1 6 configured to be 
5 used with the PC 10. Referring to Fig.2, at SI, the operator 18 starts the Web 

browser 12 on the client PC 10. The operator 18 enters the URL of the global ATM 
system 16 on which the remote operator interface session is to be used. The URL is 
entered, for example, as "http://NodeName/oi", where "NodeName" is the name of 
the global ATM system 16. 

10 Referring further to Fig. 2, at S2, the global ATM 16 and the client PC 10 

mutually authenticate one another. At S3, after mutual authentication, the remote 
operator interface session is started, and a user sign on screen is displayed for the 
operator 1 8 on a new Web browser window on the client PC 10. From this point 
onward, the procedure for using the remote operator interface and local operator 

15 interface, for example, at the front screen of the ATM 16, is identical. At S4, the 
operator 1 8 enters a user name and password. After the operator 1 8 enters a valid 
remote operator interface user name and password, at S5, the remote operator 
interface displays its main menu, from which the operator 1 8 can make a menu 
selection at S6. 

20 Referring again to Fig. 2, at S7, the operator 1 8 can end the remote operator 

interface session by selecting the 'exit' button at the main remote operator interface 
menu. At S8, this also causes the new browser window to be closed automatically. 
Terminating a remote operator interface session by closing the browser window 
should be avoided, as it may not provide an opportunity for an operator function to 

25 complete normally. 

An aspect of an embodiment of the present invention involves designing a 
restriction into the remote operator interface by which only one operator interface 
session is allowed at any time. Therefore, if a local operator interface session is 
already started, for example, at the firont display of a global ATM machine, other 

30 operators are unable to start a remote operator interface session on the same global 
ATM machine. Similarly, if a remote operator interface is already in session, other 



Method And System For Remote Operator Interface With A Self-Service Financial Transaction Terminal 

11 




Attorney Docket No 




10 

¥ 15 



20 



25 



operators cannot bring up either a local operator interface session or another remote 
operator interface session. Allowing only a single operator interface session, either 
local or remote, eliminates the possibility that multiple operator interface sessions 
can interfere with one another. 

The remote operator interface for an embodiment of the present invention 
supports a number of operator functions, such as rebooting the ATM, performing a 
stop or immediate stop of the ATM, starting the ATM, configuring the ATM or 
viewing the ATM configuration, and allowing the operator to look at what software 
releases are installed on the ATM. The remote operator interface also supports such 
functions as viewing the overall status of the ATM in terms of all the peripheral 
devices, such as whether they are functioning or not, and the connections to the host 
system, such as whether the connection is available or not, and/or the connection to 
the system management node, and whether that connection is available up or down. 

In addition, other operator functions supported by the remote operator 
interface for an embodiment of the present invention include, for example, looking 
specifically at the connectivity with the system management and with the host and 
providing the node address of the host. Additional operator functions supported by 
the remote operator interface also include, for example, looking at the transaction log 
which keeps a history of detailed transaction records for the activities that are 
performed by customers at the ATM, so that through the remote operator interface, a 
supervisor at the branch can use information in the transaction log to pinpoint 
whether a customer has performed a certain transaction in situations, for example, 
where there are disputes or where reconciliations are needed. 

Additional operator functions supported by the remote operator interface for 
an embodiment of the present invention include, for example, looking at the system 
event logs on the machine in terms of finding out when certain system wide events or 
device related failures occurred. Those events are logged in, and the supervisor or a 
field engineer is able to find out more detailed information about those type of 
events. Additionally, other operator functions include, for example, starting up, 
running administration fianctions to reconcile the transaction history between the 
ATM and the back-end host, and performing settlement. 
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Fig. 3 is a table which shows examples of the operator functions supported 
through remote operator interface for an embodiment of the present invention. 
Referring to Fig. 3, operator functions supported through remote operator interface 
for an embodiment of the present invention include, for example, rebooting the ATM 
5 20, stopping the ATM 22, stopping the ATM immediately 24, starting the ATM 26, 
configuring the ATM 28, viewing the ATM configuration 30, viewing software 
release information 32, viewing the ATM status 34, viewing the INC and host 
connection status 36, starting peruse 38, viewing event logs 40, viewing event logs in 
real time 42, writing event logs to file 44, starting back administration 46, starting the 

10 command shell 48, and initializing PIN encryption keys 50. 

Referring further to Fig. 3, the reboot operator function 20 involves, for 
example, waiting for an active customer session to complete and then performing an 
orderly shutdown of infrastructure software and NT before rebooting NT and 
restarting infrastructure and application software. The stop ATM operator function 

15 22 involves, for example, stopping the application and infrastructure software. This 
stop function 22 waits for a customer session to complete within a timeout period. 
Stop operation 22 causes the devices to be reinitialized at the XFS level (XFS defines 
a standard for application control of specialized ATM peripherals). In addition, the 
Web browser at the global ATM 16 is terminated and re-started. The stop operation 

20 22 affects only the application and infrastructure software, and NT is not shutdown 
or rebooted. 

Referring again to Fig. 3, the stop ATM immediately function 24 works the 
same as the stop ATM function 22 except that the stop takes effect immediately 
without waiting for a customer session to finish. The start ATM function 26 is 

25 invoked by the operator 1 8 to restart infrastructure and application software on the 
ATM 16 after using the stop function 22 or the stop immediate function 24. The 
configure ATM function 26 is used to configure or reconfigure various ATM node 
specific parameters, such as ATM TCP addresses, an integrated network controller 
(INC) node name, an INC node TCP address, business name, business address, 

30 and/or time zone. Configuration can be done either manually, or via data 

downloaded from the INC. The configure ATM function 26 also configures the 
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global ATM system 16 to recognize certain PCs, such as PC 10, as remote operator 
clients. 

Referring once more to Fig. 3, the view ATM configuration function 30 is 
used to display the ATM node specific parameters configured by the configure ATM 
5 operation 28 above. The view software release information function 32 is utilized to 
display the release level of application and infrastructure software and the build 
version of NT used in the particular ATM. However, neither file names of software 
modules nor any file attribute information is displayed by the view software 
information release information function 32. 

10 Referring still again to Fig. 3, the view ATM status function 34 for an 

embodiment of the present invention reports the ATM status, such as whether the 
ATM 16 is up or down, whether the front end connection is up or down, whether the 
ATM devices are up or down, whether the ATM 16 is in customer session or idle, 
whether the ATM safe door is open or closed, whether the ATM 1 6 is in or out of 

15 diagnostic session, and/or whether the ATM 16 is in or out of a back administration 
session. The view INC and host connection status function 36 reports the ATM 
status, such as, whether the ATM 16 is up or down, whether the ATM front end 
connection is up or down, whether the ATM devices are up or down, whether the 
ATM 16 is in a customer session or idle, whether the ATM safe door is open or 

20 closed, whether the ATM 16 is in or out of a diagnostic session, and/or whether the 
ATM 16 is in or out of a back administration session. 

Referring still further to Fig. 3, the start peruse function 38 starts the peruse 
utility to view or search contents of the MIS transaction log. The view event logs 
function 40 enables the operator 1 8 to view the content of NT event logs with 

25 filtering capability. The view event logs in real-time function 42 allows the operator 
1 8 to view updates to NT event logs in real time. The write event logs to file 
function 44 writes NT event logs to file on disks. The start back administration 
function 46 starts the back administration utility to perform proofing, settlement, and 
display counters information of the ATM 16. The start command shell function 48 

30 starts a command shell which accepts and processes commands entered by the 
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operator 18. The initialize PIN encryption keys function 50 initializes or re- 
initializes PIN encryption keys entered by the operator 18. 

Fig. 4 is a table which shows examples of operator functions that are 
accessible through the remote operator interface for an embodiment of the present 
5 invention and also indicates examples of functions available locally at the ATM 16 
via a local operator interface or at the INC. On ATMs configured with an operator 
panel, functions, such as shutdown and starting diagnostics are provided through the 
operator panel. However, for ATMs not so configured, these functions can also be 
provided by the remote operator interface. In addition, certain functions, such as 
10 starting peruse 38 and viewing event logs 40 require use of a keyboard for full 
functionality. 

The overall solution provided by the remote operator interface for an 
embodiment of the present invention entails the concept of allowing an operator with 
privileges or entitlements, such as operator 18, to access an ATM 16 over the 

15 network 14. The term "remote" is used herein in the sense that the PC 10 which 
accesses the ATM 16 can be located, for example, in close proximity to the ATM 
itself, or it can be as remote as anywhere else in the world, as long as network 
coimectivity allows the PC 10 to communicate with the ATM 16. That affords 
maximum flexibility and also leverages the Internet technology that makes the 

20 remote operator interface application both highly flexible and extremely easy to use. 

In addition, the remote operator interface for an embodiment of the present 
invention allows the operator 18 the ability to administer all the ATMs 16 for which 
it is configured to allow those types of functions to be performed. For example, a 
branch may have two ATMs or may have ten ATMs on it, and one remote operator 

25 interface PC 10 is required to use the remote operator interface. In other words, it is 
only a matter of pointing to different ATMs in the URL to allow the operator 1 8 to 
bring up the operator functions on a particular ATM, such as one of ATMs 16. Thus, 
one of the benefits of using web based technology for an embodiment of the present 
invention is that it affords a great deal of flexibility, as well as cost saving benefits, 

30 in terms of eliminating the need for more than one type of terminal or device on 
which the operator interface is used. 
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Security for the remote operator interface for an embodiment of the present 
invention is handled primarily in a separate security configuration. The PC 10 on 
which the operator 1 8 runs the remote operator interface must have preconfigured 
information to allow the PC 10 to bring up the remote operator interface on a specific 
5 one of ATMs 16. Thus, it is not just any PC that is allowed even to connect to the 
particular ATM and access the remote operator interface function. The security 
configuration enables the remote operator interface to be flexible as well as secure, in 
terms of accessibility. 



10 whether the network 14 is private or public Internet. In an aspect of an embodiment 
of the present invention, the network architecture on which the remote operator 
interface is deployed is a private network. However, it is a Transmission Control 
Protocol/Internet Protocol (TCP/IP) communications protocol-based network, and 
there is no inherent restriction built into the remote operator interface for an 

1 5 embodiment of the present invention which restricts its usage over a public network. 
Since a particular financial institution's ATM networks are all typically within its 
corporate private networks, an embodiment of the present invention may typically be 
used over the private network. 



20 there is a need to tie into the public Internet, then the security configuration which is 
used enables that to be done securely over a public Internet, because essentially a 
virtual private network is created using the security configuration, which allows the 
establishment of a private tunneling between the ATM 16 and the remote operator 
interface PC 10. 

25 An aspect of the remote operator interface for an embodiment of the present 

invention includes the use of user entitlements. For example, associated with a 
remote operator interface user group is a user logon ID that gives the operator 1 8 
access to perform particular operations that the remote operator interface provides. 
The remote operator interface software is designed so that the operator 1 8 is allowed 

30 to perform only the functions that are within the operator's area of responsibility. 

The remote operator interface enforces this restriction, for example, by requiring the 



In an embodiment of the present invention, there is no limitation as to 



However, in another aspect of an embodiment of the present invention, if 
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operator 1 8 to log onto the remote operator interface using a logon ID for the 
operator's user group which reflects the functions which the operator 18 can perform 
and supporting user entitlements, such as the authority to perform a certain operator 
function. Thus, when the operator 1 8 successfully logs onto the system by entering 
5 his or her operator interface logon ID and password, a menu is displayed containing 
only those operations that the particular operator can perform. In addition, user 
groups and their logon IDs are set up based on specific business requirements, by 
means of a customized configuration file. 



10 user entitlement is a type of a security, as well as a functionality, which restricts a 
certain type of operator to be able to do only certain things. In other words, an 
operator, such as supervisor, can be allowed to look at the ATM transaction logs and 
shut down and reboot the ATM 18. The supervisor-operator 18 has certain specific 
functions that he or she is entitled to perform, and that is configured, based on the 

15 requirements of that business on which the remote operator interface is deployed. 

Fig 5 is a flow chart which illustrates an example of the use of entitlements 
for an embodiment of the present invention. Referring to Fig. 5, assume that the 
operator 1 8 is a supervisor who is entitled to look at the event log and wishes to do 
so. The process involves, for example, at SIO, the supervisor-operator 18 first typing 
<e20 in the URL address of the ATM 16 on which he or she wants to look at the log. The 
supervisor-operator 18 enters the URL and gets a logon screen at SI 1 . At SI 2, the 
supervisor-operator 1 8 then logs on with the ID of a supervisor and a password, 
which is verified at SI 3. At SI 4, the supervisor-operator 18 is presented with a 
menu of choices or selections to which he or she is entitled, one of which is viewing 

25 the event log. 

Continuing with the example, at SI 5, the supervisor-operator 18 makes a 
selection of viewing the event records, which brings up the actual application itself at 
SI 6. At SI 7, the supervisor-operator 18 is allowed to select transaction records, for 
example, within a certain time firame during which those transactions might have 

30 occurred. The supervisor-operator 18 can also specify in that application, i.e., the 
event log application, the type of filtering criteria, such as whether to filter, for 



In the remote operator interface for an embodiment of the present invention, 
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example, on certain account numbers or certain types of currencies or certain card 
numbers. The supervisor-operator 1 8 can then enter a query request and be able to 
find out whether those transactions have occurred, and if they have occurred, what 
the details are that are provided in the log. 

In an embodiment of the present invention, all the applications are actually 
running on the server side or the ATM side. Thus, the remote operator interface for 
an embodiment of the present invention is a web server based application. There is 
actually nothing that is running on the client or the browser side, other than simply 
the information that is displayed. That information, i.e., the connection between the 
browser and the server, is all secured through the IPSECurity (IPSec) security 
protocol 52. 

Since the operator functions are Web based applications, functioning of the 
remote operator interface for an embodiment of the present invention depends on the 
client PC 10 being able to 'reach' the global ATM system 16 over the TCP/IP 
network 14. In a typical branch configuration, the remote operator interface client 
PC 10 and the global ATM system 16 are likely on the same local area network 14. 
However, that is not a required network configuration. As long as the remote 
operator interface client requests can be delivered to the global ATM 16 over 
TCP/IP, the two systems can be far apart geographically. Therefore, there is no 
inherent restriction as to how far the remote operator interface client 10 can be 
separated fi-om the global ATM 16. However, for operational convenience, the client 
PC 10 is probably best located in close proximity to the global ATM systems 16 that 
are being administered. 

Another aspect for an embodiment of the present invention provides multi- 
lingual support. When a remote operator interface session is started, a default 
language is assigned to the session. The default language assigned is based on the 
country in which the ATM 16 is located. Fig. 6 is a table which illustrates examples 
of the default language and additional languages available for language selection for 
an embodiment of the present invention. The default language is used to prompt the 
operator for the language selection, and for the caption on the exit button. If a 
particular country supports only one language, a language selection screen is not 
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displayed. For other countries, for example, English is used as the default language. 
If no other language is supported, a language selection screen is not displayed. 
Before an ATM 16 is configured, when the AcquirerCountryCode is not specified, 
the default language is English. 

Various preferred embodiments of the invention have been described in 
fulfillment of the various objects of the invention. It should be recognized that these 
embodiments are merely illustrative of the principles of the present invention. 
Numerous modifications and adaptations thereof will be readily apparent to those 
skilled in the art without departing firom the spirit and scope of the present invention. 
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